After performing user authentication by using credentials, a server computer to follow a remote operation protocol of a network receives a remote operation from a user. An account name and a password, specified by the user, correspond to the credentials, for example.
In a recent information processing system, in order to manage accounts in an integrated fashion, user authentication in a server computer is performed by using service tickets issued by a ticket issuing system, instead of sending, to a network, an account name and a password in plain text, in some cases. This case is based on the premise that pre-authentication utilizing the account name and the password is performed in the ticket issuing system.
If such an information processing system is subjected to a cyber attack and an account name and a password are plagiarized, an attacker acquires a service ticket and becomes able to perform an illegal remote operation on the server computer.
In addition, a device, which captures, for various purposes, communication data in an information processing system and which monitors behaviors within the system, is known.
Related technologies are disclosed in, for example, Japanese Laid-open Patent Publication No. 2010-130349, Japanese Laid-open Patent Publication No. 2012-221274, and so forth.